Security Community Blog
SebastianZ | 11 Feb 2014 | 0 comments

Microsoft Security Bulletin

On Tuesday the 11th of February Microsoft released the monthly Security Bulletin Summary for February 2014. The summary includes 7 Security Bulletins - 4 are classified as critical; 3 as important:

 

  • MS14-010    Cumulative Security Update for Internet Explorer (2909921)

Vulnerability impact: Critical - Remote Code Execution
Affected Software: Microsoft Windows, Internet Explorer

  • MS14-011    Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)

Vulnerability impact: Critical - Remote Code Execution
Affected Software: Microsoft Windows

  • MS14-007    Vulnerability in Direct2D Could Allow Remote Code Execution...
The Conquistador | 07 Feb 2014 | 2 comments

I have come across some instances where servers would have failing services or instances where they would have particularly unusual behavior, typically resulting in a restart of the services or the server. Even with the most current version of SEP, malicious/dangerous files can still be hidden. I have had a few cases where I ran complete Windows updates and have found malicious files that SEP did not detect. I have come to learn that SEP alone cannot get rid of every threat out there, so I make sure that my systems are up to date and alerts are in place if anything occurs. The approach I will use is to run a complete scan of a suspected machine, clean and make sure it is up to date. I would advise caution depending on what your server is utilized for.

I would continue to make sure that it is current with Windows and SEP updates. If there is an instance that is repetitive, there is a pretty large chance that this is an undetected infection.

DomSYMC | 05 Feb 2014 | 0 comments

Within Authentication Services there are three types of SSL certificates. These different types of SSL certificates each contain different features and level of authentication that is required in order to get it issued. Understanding these differences can prepare you in knowing what you need to prepare for in order to get the certificate issued as fast as possible.

The Three Types Are:

Extended Validation (EV) SSL
Examples: Secure Site with EV, Secure Site Pro with EV, True business ID with EV, SSL Web Server with EV, MPKI for SSL EV validated

A premium business class SSL security product fully authenticated, visually confirming the highest level of authentication available among SSL certificates. It gives your customers two highly visible ways to confirm that your web site is secure—the green address bar and the True Site Seal, while providing strong encryption to protect their confidential...

SebastianZ | 29 Jan 2014 | 0 comments

Data Privacy Day, led by the National Cyber Security Alliance, is being held in the United States and Canada on 28 January 2014 alongside the Data Protection Day celebration in Europe. The purpose of Data Privacy Day is to raise awareness and promote data privacy education. For those not able to attend - there is a free stream recording available at: http://www.ustream.tv/staysafeonline

- See more at: http://www.staysafeonline.org/data-privacy-day/about

smartblogger | 28 Jan 2014 | 0 comments

An SSL certificate is a mode of authenticating a website and securing the transactions, as well as the data communicated through the website by users. It is, therefore, a critical tool for any website that is involved in e-commerce or similar ventures. Any responsible webmaster understands the indispensable value of this tool to the success of their website.

The first step to have your website SSL certified involves acquiring an SSL certificate from the companies that deal in internet-based security. These companies will create the certificate for the website as well as a private key. The private key is what enables the webmaster to use the certificate that they have acquired. Many times SSL certificate India providers, in order to boost the security of the certificate, will delete all copies of the key from their server. This means that a webmaster must store his or her copy of the key quite securely to prevent it from getting lost. The webmaster will need to sign the...

SebastianZ | 27 Jan 2014 | 1 comment

Fortinet’s FortiGuard Labs has published a very interesting whitepaper about the 10-year anniversary of mobile malware. According to the study mobile malware is evolving quite rapidly - only in 2013 researchers of FortiGuard have seen more than 1300 new malicious applications per day with up to 400.000 malicious applications in total.

The whitepaper goes back to 2004 and the first mobile worm - Cabir (infecting Nokia phones) - up to the year 2013 and the arrival of the first ransomware for Android devices - FakeDefend.

Reference:
The World’s First Mobile Malware Celebrates its 10th Birthday
http://www.fortinet.com/resource_center/whitepapers/10th-anniversary-of-first-mobile-malware.html

...

SebastianZ | 27 Jan 2014 | 0 comments

Spoofed websites for popular social apps have been observed for some time now - recent reports from Malwarebytes show that one of the most popular mobile apps - WhatsApp - has been targeted recently as well.

The particular site in question was aimed at Russian speakers and offered app downloads for a broad scope of mobile devices - iOS, Android, Windows Phone and BlackBerry. The site was resembling the legitimate website quite a bit, with a lot of code scrambled from the official website. The unsuspecting users downloading the application would get infected by a variant of Android SMS Trojan that once installed would start sending text messages to premium rate numbers.

 

Reference:

Spoofed Whatsapp site delivers polymorphic SMS Trojan
http://www.net-security.org/malware_news.php?id=2687...

The Conquistador | 24 Jan 2014 | 1 comment

Here is how I corrected this

Baseline Filtering Engine service issue.

Good day everyone, here are the steps that worked for me with the BFE issue.

Error Code 0x80070424 with Windows Firewall and "Base Filtering Engine Service" Not available in services database list.

danma_ (26 Dec 2011 11:44 PM)

...

Brandon Noble | 23 Jan 2014 | 2 comments

Recently we have seen a re-emergence of polymorphic file infectors, AKA viruses.

Threats like W32.Sality and W32.Xpiro are using some old-school tactics to infect good files and spread through networks. As the former captain of my high school analogy team, I’m writing this informal blog to help de-mystify some of the difficulties around dealing with these kinds of threats.

If we think of our normal run-of-the-mill Trojans and worms like a specific kind of fruit, it helps a little bit. Let’s say we need to create detection for an apple…That’s pretty simple right? We look for common traits that the apple has with other apples of the same kind. Something like this:
IF fruit AND red skin AND white flesh AND black seeds>detect W32.Apple!red
So now we can detect Galas,...

Philip Routley | 22 Jan 2014 | 0 comments

You need to think global in the 21st century. But sometimes it’s vital to keep a local perspective too. Take internet security. Many threats have a worldwide character but, in every country, consumers and businesses also face specific dangers every time they go online with their laptops, tablets, smartphones or desktops.

And it’s the threats that have been carefully crafted to exploit local trends and behaviours that are often the most plausible and destructive – and most likely to leave you counting the cost in terms of financial loss, stolen data, identity theft, disruption and inconvenience.

Korea is a prime example of what this means in practice. It’s a magnet for cybercriminals based both inside and outside the country, attracted by Korea’s affluence and its well-earned reputation as one of the world’s leading ‘online nations’. In this, the first country to reach 100% WiFi penetration, where 30 million people own smartphones and over 90% of homes have high-speed...